I am not versed on the technical merits of SPF so I can't comment. However, I did want to say how refreshing it was to see a fairly long exchange between two (or more) people of differing opinion without it degenerating into name-calling and flamewars. I love this place!

My only substantive contribution to this thread is to agree that breaking or significantly modifying the SMTP protocol to thwart spam is going to be a very painful and tedious process. An an alternative, I read about an interesting proposal on graylisting that uses what SMTP can already do to discourage spammers. In short, it attempts to make it more costly (in terms of time and computer sophistication) for spammers to send spam, so hopefully you would discourage some useful percentage of potential spammers. The determined spammers who worked around graylisting would make themselves more vulnerable to other anti-spam methods. Although it's not an airtight anti-spam system, it seems to me like it's more gain for less pain than a complete protocal rewrite.

Oh, and the implementation of greylisting described in the paper is written in Perl. :)